Centos 7 authentication with puppet

[Alexsey S]

Currently in puppet 2.7 is in use.
I am in process moving to puppet 4.

Centos clients are added to AD and authenticated using it.

One of the packages is responsible for configuring systems to allow certain users ssh access.
a file '/etc/custom_txt_file' manually created on system with contents of: ' a tag'

puppet reads that tag and if it finds match it adds certain AD group to /etc/pam_allowed_groups as well as /etc/sudoers

It is all written in custom code and does not want to play with puppet 4

I am wandering if there are better ways to achieve same functionality using hiera or an existing module if there is one like that.

Any suggestions and help would be appreciated.

Thank you

[Thomas Müller]

One of the packages is responsible for configuring systems to allow certain users ssh access.
a file '/etc/custom_txt_file' manually created on system with contents of: ' a tag'

puppet reads that tag and if it finds match it adds certain AD group to /etc/pam_allowed_groups as well as /etc/sudoers

It is all written in custom code and does not want to play with puppet 4

I am wandering if there are better ways to achieve same functionality using hiera or an existing module if there is one like that.

Any suggestions and help would be appreciated.

Thank you

I would use the role/profiles pattern and add a role level in the hiera hiearchy and add the config-data within the role level and not depend on manually created files on the target system.

- Thomas

http://www.craigdunn.org/2012/05/239/